Quizzer Questions

BEC IT
1. MIPS stands for
a. Memory in protocol standards.
b. Millions of instructions per second.
c. Mitigating individualistic personnel standards.
d. Multiple input physical saving.
2. A set of step-by-step procedures used to accomplish a task is a(n)
a. Algorithm.
b. Compilation Master.
c. Linux.
d. Transitor.
3. Unix is a(n)
a. Operating system.
b. Singular disk drive.
c. Central processing unit.
d. Logic unit.
4. A current day instruction to a computer such as “ Extract all Customers where
‘Name’ is Smith” would most likely relate to a
a. First generation programming language.
b. Fourth generation programming language.
c. Seventh generation programming language.
d. Ninth generation programming language.
5. A company’s management has expressed concern over the varied system
architectures that the organization uses. Potential security and control concerns
would include all of the following except:
a. Users may have different user ID codes and passwords to remember for several
systems that they use.
b. There are difficulties in developing uniform security standards for the various
platforms.
c. Backup file storage administration is often decentralized.
d. Having data distributed across many computers throughout the organization
increases the risk that a single disaster would destroy large portions of the
organization’s data.
6. All of the following are methods for distributing a relational database across multiple
servers except:
a. Snapshot (making a copy of the database for distribution).
b. Replication (creating and maintaining replica copies at multiple locations).
c. Normalization (separating the database into logical tables for easier user
processing).
d. Fragmentation (separating the database into parts and distributing where they are
needed).
7. Misstatements in a batch computer system caused by incorrect programs or data may
not be detected immediately because
a. Errors in some transactions may cause rejection of other transactions in the batch.
b. The identification of errors in input data typically is not part of the program.
c. There are time delays in processing transactions in a batch system.
d. The processing of transactions in a batch system is not uniform.
8. First Federal S & L has an online real-time system, with terminals installed in all of
its branches. This system will not accept a customer’s cash withdrawal instructions in
excess of $1,000 without the use of a “terminal audit key.” After the transaction is
authorized by a supervisor, the bank teller then processes the transaction with the
audit key. This control can be strengthened by
a. Online recording of the transaction on an audit override sheet.
b. Increasing the dollar amount to $1,500.
c. Requiring manual, rather than online, recording of all such transactions.
d. Using parallel simulation.
9. Where disk files are used, the grandfather-father-son updating backup concept is
relatively difficult to implement because the
a. Location of information points on disks is an extremely time-consuming task.
b. Magnetic fields and other environmental factors cause off-site storage to be
difficult.
c. Information must be dumped in the form of hard copy if it is to be reviewed
before used in updating.
d. Process of updating old records is destructive.
10. Which of the following characteristics distinguishes electronic data interchange (EDI)
from other forms of electronic commerce?
a. EDI transactions are formatted using the standards that are uniform worldwide.
b. EDI transactions need not comply with generally accepted accounting principles.
c. EDI transactions ordinarily are processed without the internet
d. EDI transactions are usually recorded without security and privacy concerns.
11. A set of rules for exchanging data between two computers is a
a. Communicator.
b. Operating system.
c. Protocol.
d. Transmission speed.
12. When developing a new computer system that will handle customer orders and
process customer payments, a high-level systems design phase would include
determination of which of the following?
a. How the new system will affect current inventory and general ledger systems.
b. How the file-layouts will be structured for the customer order records.
c. Whether to purchase a turn-key system or modify an existing system.
d. Whether formal approval by top management is needed for the new system.
13. The internal auditor is reviewing a new policy on electronic mail. Appropriate
elements of such a policy would include all of the following except:
a. Erasing all employee’s electronic mail immediately upon employment
termination.
b. Encrypting electronic mail messages when transmitted over phone lines.
c. Limiting the number of electronic mail packages adopted by the organization.
d. Directing that personnel do not send highly sensitive or confidential messages
using electronic mail.
14. Which of the following risks is more likely to be encountered in an end-user
computing (EUC) environment as compared to a computer system?
a. Inability to afford adequate uninterruptable power supply systems.
b. User input screens without graphical user interface (GUI).
c. Applications that are difficult to integrate with other information systems.
d. Lack of adequate utility programs.
15. Methods to minimize the installation of unlicensed microcomputer software include
all of the following except:
a. Employee awareness programs.
b. Regular audits for unlicensed software.
c. Regular monitoring of network access and start-up scripts.
d. An organizational policy that includes software licensing requirements.
16. Which of the following characteristics distinguish electronic data interchange (EDI)
from other forms of electronic commerce?
a. The cost of sending EDI transactions using a value-added network (VAN) is less
than the cost of using the internet.
b. Software maintenance contracts are unnecessary because translation software for
EDI transactions need not be updated.
c. EDI commerce is ordinarily conducted without establishing legally binding
contracts between trading partners.
d. EDI transactions are formatted using strict standards that have been agreed to
worldwide.
17. Many entities use the Internet as a network to transmit electronic data interchange
(EDI) transactions. An advantage of using the Internet for electronic commerce
rather than a traditional value-added network (VAN) is that the Internet
a. Permits EDI transactions to be sent to trading partners as transactions occur.
b. Automatically batches EDI transactions to multiple trading partners.
c. Possesses superior characteristics regarding disaster recovery.
d. Converts EDI transactions to standard format without translation software.
18. Which of the following statements is correct concerning internal control when a client
is using an electronic data interchange system for its sales?
a. Controls should be established over determining that all suppliers are included in
the system.
b. Encryption controls may help to assure that messages are unreadable to
unauthorized persons.
c. A value-added –network (VAN) musty be used to assure proper control.
d. Attention must be paid to both the electronic and “paper” versions of transaction.
19. Which of the following is a network node that is used to improve network traffic and
to set up as a boundary that prevents traffic from one segment to cross over to
another?
a. Router.
b. Gateway.
c. Firewall.
d. Heuristic.
20. Which of the following passwords would be most difficult to crack?
a. OrCa!FlSi
b. language
c. 12HOUSE24
d. pass56word
21. Output controls ensure that the results of computer processing are accurate, complete,
and properly distributed. Which of the following is not a typical output control?
a. Reviewing the computer processing logs to determine4 that all of the correct
computer jobs execute properly.
b. Matching input data with information on master files placing unmatched items in
a suspense file.
c. Periodically reconciling output reports to make sure that totals, formats, and
critical details are correct and agree with input.
d. Maintaining formal procedures and documentation specifying authorized
recipients of output reports, checks, or other critical documents.
22. A manufacturer is considering using bar-code identification for recording information
on parts used by the manufacturer. A reason to use bar codes rather than other means
of identification is to ensure that
a. The movement of all parts is recorded.
b. The movement of parts is easily and quickly recorded.
c. Vendors use the same part numbers.
d. Vendors use the same identification methods.
23. Pirated software obtained through the Internet may lead to civil lawsuits or criminal
prosecution. Of the following, which would reduce an organization’s risk in this
area?
I. Maintain logs of all software purchases.
II. Audit individual computers to identify software on the computers.
III. Establish a corporate software policy.
IV. Provide original software diskettes to each user.
a. I and IV only.
b. I, II, and III only.
c. II and IV only.
d. II and III only.
24. Which of the following is an essential element of the audit trail in an electronic data
interchange (EDI) system?
a. Disaster recovery plans that ensure proper backup of files.
b. Encrypted hash totals that authenticate messages.
c. Activity logs that indicate failed transactions.
d. Hardware security modules that store sensitive data.
25. Which of the following are essential elements of the audit trail in an electronic data
interchange (EDI) system?
a. Network and sender/recipient acknowledgments.
b. Message directories and header segments.
c. Contingency and disaster recovery plans.
d. Trading partner security and mailbox codes.
26. Which of the following is an example of a validity check?
a. The computer ensures that numerical amount in a record does not exceed some
predetermined amount.
b. As the computer corrects errors and data are successfully resubmitted to the
system, the causes of the errors are printed out.
c. The computer flags any transmission for which the control field value did not
match that of an existing file record.
d. After data for a transaction are entered, the computer sends certain data back to
the terminal for comparison with data originally sent.
27. A control feature in an electronic data processing system requires the central
processing unit (CPU) to send signals to the printer to activate the print mechanism
for each character. The print mechanism, just prior to printing, sends a signal back to
the CPU verifying that the proper print position has been activated. This type of
hardware control is referred to as
a. Echo control.
b. Validity control.
c. Signal control.
d. Check digit control.
Answers
1 b 10 a 19 c
2 a 11 c 20 a
3 a 12 c 21 b
4 b 13 a 22 b
5 d 14 c 23 b
6 c 15 c 24 c
7 c 16 d 25 a
8 c 17 a 26 c
9 d 18 b 27 a
Answer Explanations
1. Answer b is correct because MIPS is an abbreviation for millions of instructions per
second, a unit for measuring the execution speed of computers. Answers a, c, and d
all include combinations of words that have no particular meaning in information
technology.
2. Answer a. is correct because an algorithm uses a step-by-step approach to accomplish
a task. Answer b. is incorrect because the term “compilation master” has no meaning
in information technology. Answer c. is incorrect because Linux is a form of
operating system. Answer d. is incorrect because the term “transitor” has no meaning
in information technology.
3. Answer a. is correct because Unix is a powerful operating system, originally
developed by AT&T Bell Labs, that is used by many users of high-end computing
hardware. Answers b., c., and d. are all incorrect because Unix is not a singular disk
drive, a central processing unit, or a logic unit.
4. Answer b. is correct because fourth generation programs ordinarily include
instructions relatively close to human languages – such as the instruction in this
question. Answer a. is incorrect because first generation instructions are in terms of
“1’s” and “0’s.” Answers c. and d. are incorrect because seventh and ninth
generation programming languages have not yet been developed (a few fifth
generation languages with extensive visual and graphic interfaces are currently in
process).
5. Answer d. is correct because the distribution of data actually decreases this risk so
this would not cause a control concern; it is a potential advantage to distributed
systems of various architectures versus centralized data in a single mainframe
computer. Answer a. is incorrect because password proliferation is a considerable
security concern because users will be tempted to write their passwords down or
make them overly simplistic. Answer b. is incorrect because consistent security
across varied platforms is often challenging because of the different security features
of the various systems and the decentralized nature of those controlling security
administration. Answer c. is incorrect because under centralized control,
management can feel more confident that backup file storage is being uniformly
controlled. Decentralization of this function may lead to lack of consistency and
difficulty in monitoring compliance.
6. Answer c. is correct because normalization is a process of database design not
distribution. Answer a. is incorrect because making a copy of the database for
distribution is a viable method for the described distribution. Answer b. is incorrect
because creating and maintaining replica copies at multiple locations is a viable
method for the described distribution. Answer d. is incorrect because separating the
database into parts and distributing where they are needed is a viable method for the
described distribution.
7. Answer c. is correct because batch programs are run periodically and thereby result in
delays in processing; accordingly, detection of misstatements may be delayed.
Answer a. is incorrect because errors will be detected in the batch. Answer b. is
incorrect because the identification of errors is typically included as a part of the
batch program. Answer d. is incorrect because a batch system will ordinarily process
transactions in a uniform manner.
8. Answer a. is correct because documentation of all situations in which the “terminal
audit key” has been used will improve the audit trail. Answer b. is incorrect because
increasing the dollar amount required for use of the key will simply reduce the
number of times it is used (and allow larger withdrawals to be made without any
required special authorization). Answer c. is incorrect because there is no reason to
believe that a manual system will be more effective than an online system. Answer d.
is incorrect because parallel simulation, running the data through alternate software,
would seem to have no particular advantage for processing these large withdrawals.
9. Answer d, is correct because updating destroys the old records. Answer a. is
incorrect because the location of information points on disks is not an extremely time
consuming task if the disks have been properly organized and maintained. Answer b.
is incorrect because off-site storage through disks is possible, though costly. Answer
c. is incorrect because information need not be dumped in the form of hard copy.
10. Answer a. is correct because EDI transactions are ordinarily formatted using one of
the available uniform worldwide sets of standards. Answer b. is incorrect because,
when financial statements are prepared, EDI transactions must follow generally
accepted accounting principles. Answer c. is incorrect because EDI transactions may
or may not be processed using the Internet. Answer d, is incorrect because security
and privacy are considered when recording EDI transactions.
11. Answer c. is correct because a protocol is such a set of rules. Answer a. is incorrect
because the term “communicator” is very general and has no specific meaning in this
context. Answer b. is incorrect because while an operating system controls the
execution of computer programs and may provide various services related to
computers, it is not a set of rules for exchanging data. Answer d. is incorrect because
transmission speed is the speed at which computer processing occurs.
12. Answer c. is correct because the determination of what type of system to obtain is
made during the high-level design phase. Answer a. is incorrect because the effect of
the new system would be part of the feasibility study. Answer b. is incorrect because
the file layouts are part of the detailed design phase. Answer d. is incorrect because
formal approval is made during the request for the systems design phase.
13. Answer a. is correct because the company should have access to the business-related
e-mail that is left behind. Access to e-mail can also be critical in business interests:
the need to follow up on business e-mail and to assist in investigation. Answer b. is
incorrect because encryption helps prevent eavesdropping by unauthorized persons
trying to compromise e-mail messages. Answer c. is incorrect because limiting the
number of packages would decrease the number of administrators who might have
access to all messages. Answer d. is incorrect because controlling the transmission of
confidential information by e-mail will help avoid theft of information through
intrusion by outsiders.
14. Answer c. is correct because this risk is considered unique to end-user computing
(EUC) system development. Answer a. is incorrect because this risk relates to both
traditional information systems and end-user computing (EUC) environments.
Answer b. is incorrect because this risk relates to both traditional information systems
and end-user computing (EUC) environments. Answer d, is incorrect because this
risk relates to all computing environments.
15. Answer c. is correct because this technique will not affect introduction of unlicensed
microcomputer software. Answer a. is incorrect because this technique works.
Answer b. is incorrect because such audits are a must to test for the other controls that
should be in place. Answer d. is incorrect because the basis for all good controls is a
written policy.
16. Answer d. is correct because standards for EDI transactions, within any one group of
trading partners, have been agreed upon so as to allow the system to function
efficiently. Answer a. is incorrect because the cost of EDI transaction using a VAN
will often exceed the cost of using the Internet. Answer b. is incorrect because
software maintenance contracts are often necessary. Answer c. is incorrect because
EDI commerce involves legally binding contracts between trading partners.
17. Answer a. is correct because such simultaneous processing of transactions is more
likely under an Internet system in which lines are often available at a fixed or nearly
fixed rate. Answer b. is incorrect because the Internet itself will not automatically
prepare such batches. Answer c. is incorrect because an Internet system will not
ordinarily have superior characteristics regarding disaster recovery. Answer d. is
incorrect because translation software is needed both for Internet and VAN systems.
18. Answer b, is correct because encryption controls are designed to assure that messages
are unreadable to unauthorized persons and to thereby control the transaction.
Answer a. is incorrect because suppliers are not ordinarily included in a company’s
sales controls and because even in a purchasing EDI system all suppliers need not be
included. Answer c. is incorrect because a value-added-network that provides
network services may or may not be used in an EDI system. Answer d. is incorrect
because “paper” versions of transactions typically disappear in an EDI system.
19. Answer c. is correct because a firewall is a computer that provides a defense between
one network (inside the firewall) and another network (outside the firewall) that could
pose a threat to the inside network. Answer a. is incorrect because a router is a
computer that determines the best way for data to move forward to their destination.
Answer b. is incorrect because a gateway is a communications interface device that
allows a local area network to be connected to external networks and to communicate
with external computers and databases. Answer d. is incorrect because a heuristic is a
simplified rule to help an individual make decisions.
20. Answer a. is correct because OrCa!FlSi does not seem like a password that one would
guess or even recall if seen briefly (because of its use of both capital and lower case
letters, numbers, and punctuation marks). Answers b., c., and d. are all incorrect
because they represent passwords that would be easier to identify.
21. Answer b. is correct because matching the input data with information held on master
or suspense files is a processing control, not an output control, to ensure that data are
complete and accurate during updating. Answer a. is incorrect because a review of
the computer processing logs is an output control to ensure that data are accurate and
complete. Answer c. is incorrect because periodic reconciliation of output reports is
an output control to ensure that data are accurate and complete. Answer d. is
incorrect because maintaining formal procedures and documentation specifying
authorized recipients is an output control to ensure proper distribution.
22. Answer b. is the correct answer because a reason to use bar codes rather than other
means of identification is to record the movement of parts with minimal labor costs.
Answer a. is incorrect because the movement of parts can escape being recorded with
any identification method. Answer c. is incorrect because each vendor has its own
part-numbering scheme, which is unlikely to correspond to the buyer’s scheme.
Answer d. is incorrect because each vendor has its own identification method,
although vendors in the same industry often cooperate to minimize the number of bar
code systems they use.
23. Answer b. is correct because (I) Maintaining a log protects and organization since a
log documents software purchases. (II) Auditing individual computers will
discourage illegal software usage. (III) Establishing a corporate software policy will
discourage illegal software usage. (IV) Allowing users to keep original diskettes
increases both the likelihood of illegal copies being made and the loss of diskettes.
Answers a., c., and d. are all incorrect.
24. Answer c. is correct because effective audit trails need to include activity logs,
including processed and failed transactions, network and sender/recipient
acknowledgement, and time sequence of processing. Answer a. is incorrect because
disaster recovery plans, while essential to the overall system, are not an essential
element of the audit trail. Answer b. is incorrect because encrypted hash totals deal
less directly with the audit trail than do activity logs. Answer d. is incorrect because
hardware security modules that store sensitive data do not deal directly with the audit
trail.
25. Answer a. is correct because effective audit trails need to include activity logs,
including processed and failed transactions, network and sender/recipient
acknowledgements, and time sequence of processing. Answer b. is incorrect because
neither message directories nor leader segments directly affect the audit trail. Answer
c. is incorrect because contingency and disaster recovery plans, while important, are
not as directly related to the audit trail as are the acknowledgements suggested in
answer a. Answer d. is incorrect because while knowing trading partner security and
mailbox codes is essential, it is more closely related to overall security than is answer
a.

26. Answer c. is correct because the computer flagging of inappropriate transactions due
to data in a control field that did not match that of an existing file record is a validity
check. Answer a. is incorrect because a limit test ensures that a numerical amount in
a record does not exceed some predetermined amount. Answer b. is incorrect
because the resubmission of data is not a validity check. Answer d. is incorrect
because the reading back of data to the terminal is an echo check.

27. Answer a is correct because an echo check or control consists of transmitting data
back to the source unit for comparison with the original data that were transmitted. In
this case, the print command is sent to the printer and then returned to the CPU to
verify that the proper command was received. A validity check (answer b.) consists
of the examination of a bit pattern to determine that the combination is legitimate for
the system character set (i.e., that the character represented by the bit combinations is
valid per the system). Answer c., a signal control or signal check, appears to be a
nonsense term. Answer d., check digit control, is a programmed control wherein the
last character or digit can be calculated from the previous digits.